FF Clarify Feature-Policy header not sent #20729
Conversation
github-actions
bot
added
the
data:http
hamishwillee
changed the title
There was a problem hiding this comment.
hmmm, so essentially the header is not recognized at all? Maybe it would be better tosay not supported then? (or behind a pref)?
And instead of "Header not sent", I would say "Header not recognized" because I guess people do successfully send this header, some browsers recognize it, but Firefox doesn't.
Yes, FF can be made to recognise it with a pref but out of the box ignores it (and that pref will never be set by default). I am happy to make this false, remove the partial implementation but keep the note - that would be accurate.
That would be more correct. I'll this tomorrow unless you say "changed my mind". Thank you for the advice. |
Sounds good to me! |
| @@ -141,7 +139,7 @@ | |||
| "webview_android": "mirror" | |||
| }, | |||
| "status": { | |||
| "experimental": true, | |||
| "experimental": false, | |||
There was a problem hiding this comment.
This is OK because the feature is available in multiple browsers. I suspect that this is why it was done as partial implementation.
|
Hi @Elchi3 This proved a bit of a shit.
What I have done is your original suggestion - just changed text to "recognized". This will all fix itself once the header is sent. |
|
I just noticed we also have #20328. |
|
That said, I think the changes to Permission-Policy.json are an improvement. The Feature-Policy.json changes will be void soon anyway... |
@Elchi3 The docs work was already done - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy now redirects. The Feature-Policy json is an orphan - I'm only updating it because it is there and I don't know how it is used. IMO we should just merge #20328 to delete it. Can you merge this then? As you say, it is better/less ambiguous. |
* FF Clarify header not sent * Change notes to not-recognised * Fix typo recognised
The Permissions-Policy and Feature-Policy for FF confused me because it said partial support of the header and indicated
So the header isn't actually supported, just the functionality that the header provides. Someone who knows how this all works might not be confused, but I was. So what I have done is change the note text to:
The bug links are different - for Feature-Policy I link to the bug where the header was disabled by default. For
Permissions-PolicyI link to the bug where the header is intended to be updated toPermissions-Policyand be sent. I think that makes sense for the later case, because you mostly want to be able to track when this will be fixed.This fell out of work done for mdn/content#28848